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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1 . (Previously Presented) A method for provision of access for a data requesting 
entity to data related to a principal, comprising the following steps: 

creating an access granting ticket comprising 

(a) an access specification specifying a permission for an access to data related 
to the principal, said data being available at a data providing entity, 

(b) a principal identifier representing the principal towards the data providing 
entity, 

- encrypting the access granting ticket with an encryption key of the data 
providing entity, 

- communicating to the data requesting entity the encrypted access granting 
ticket accompanied by an identifier of the data providing entity, 
-communicating from the data requesting entity to the data providing entity a 
request comprising the encrypted access granting ticket, 

- decrypting the encrypted access granting ticket with a decryption key of the 
data providing entity corresponding to the encryption key, 

- providing to the data requesting entity access to data related to the principal 
identifier according to the access specification. 

2. (Original) The method according to claim 1, wherein the encrypted access 
granting ticket comprises or is accompanied by verification information and access is 
provided based on an analysis of the verification information. 

3. (Previously Presented) The method according to claim 1 , wherein the request 
to the data providing entity comprises a specification for requested data related to the • 
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principal and access is provided according to a matching of the access specification and 
the requested data. 

4. (Previously Presented) The method according to claim 1, wherein the access 
granting ticket is created based on a data storage correlating at least two items of a 
group comprising the identifier of the data providing entity, the data related to the 
principal available at the data providing entity, the principal identifier, the encryption key, 
and the access specification. 

5. (Previously Presented) The method according to claim 1, wherein an 
indication for the access specification is entered into a principal entity to create the 
access granting ticket. 

6. (Previously Presented) The method according to claim 1. wherein the access 
granting ticket further comprises security information and access is provided based on 
an analysis of the security information. 

7. (Previously Presented) The method according to claim 1, wherein the 
encrypted access granting ticket is accompanied by public infomnation. 

8. (Previously Presented) The method according to claim 1, wherein the request 
to the data providing entity is communicated based on an analysis of the public 
information. 

9. (Previously Presented) The method according to claim 1 , wherein the 
decryption is based on an analysis of the public information, 

10. (Previously Presented) The method according to claim 1, wherein the data to 
which access is provided to is transferred to the data requesting entity. 
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11. (Previously Presented) The method according to claim 1, wherein at least 
one further encrypted-access granting ticket for further data related to the principal 
available at least one further data providing entity is created and communicated to the 
data requesting entity for provision of access to the further principal related data 
available at the at least one further data providing entity, the at least one further 
encrypted access granting ticket being accompanied by at least one further identifier of 
the at least one further data providing entity. 

12. (Previously Presented) A principal entity for provision of access for a data 
requesting entity to data related to a principal, comprising a transmission unit for 
sending of messages and information and a processing unit for processing of messages 
and information, wherein the processing unit creates an access granting ticket 
comprising an access specification specifying a permission for an access to data related 
to the principal, said data being available at a data providing entity, and a principal 
identifier representing the principal towards the data providing entity, to encrypt the 
access granting ticket with an encryption key of the data providing entity, and to obtain 
an identifier of the data providing entity, and the transmission unit sends the encrypted 
access granting ticket accompanied by the identifier of the data providing entity to the 
data requesting entity. 

13. (Previously Presented) The principal entity according to claim 12. wherein the 
processing unit is adapted to include verification information into the access granting 
ticket and/or to attach verification information to the encrypted access granting ticket 
and the transmission unit is adapted to send the encrypted access granting ticket 
accompanied by the attached verification information to the data requesting entity. 

14. (Previously Presented) The principal entity according to claim 12. wherein the 
processing unit is adapted to access a data storage correlating at least two items of a 
group comprising of the identifier of the data providing entity, the data related to the 
principal available at the data providing entity, the principal identifier,, the encryption key, 



Page 4 of 12 



Appl. No. 10/551,855 

Amdt. Dated May 24. 2010 

Reply to Office action of March 8, 2010 

Attorney Docket No. P16731-US1 

EUS/GJ/P/10-7632 

and the access specification, and to create the access granting ticket based on the data 
storage. 

15. (Previously Presented) The principal entity according to claim 12. wherein the 
processing unit is adapted to create the access granting ticket based on an indication 
for the access specification entered into an input unit of the principal entity. 

16. (Previously Presented) The principal entity according to claim 12, wherein the 
processing unit is adapted to include security infonnation into the access granting ticket. 

17. (Previously Presented) The principal entity according to claim 12, wherein the 
processing unit is adapted to obtain public information, and the transmission unit is 
adapted to send the encrypted access granting ticket accompanied by the public 
information to the data requesting entity. 

18. (Previously Presented) The principal entity according to claim 12, wherein the 
processing unit is adapted to create at least one further encrypted access granting ticket 
for further data related to the principal available at least one further data providing entity 
and the transmission unit is adapted to send the further encrypted access granting ticket 
to the data requesting entity accompanied by at least one further identifier of the at least 
one further data providing entity for provision of access to the further principal related 
data accessible at the at least one further data providing entity. 

19. (Previously Presented) A data requesting entity comprising a receiving unit 
for receiving messages and infonnation; a transmission unit for sending of messages 
and Information, and a processing unit for prpcessing of messages and information, the 
receiving unit receives a first encrypted access granting ticket for provision of access to 
first data related to a principal, said first data being available at a first data providing 
entity, the first encrypted access granting ticket being accompanied by an identifier of 
the first data providing entity and to receive a further encrypted access granting ticket 
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for provision of access to further data related to the principial, said further data being 
available at a further data providing entity, the further encrypted access granting ticket 
being accompanied by a further identifier of the further data providing entity, the 
processing unit generates a first request comprising the first encrypted access granting 
ticket and a further request comprising the further encrypted access granting ticket and 
the transmission unit sends the first request to the first data providing entity and the 
further request to the further data providing entity, and the receiving unit receives a first 
indication for access provision to the first data from the first data providing entity and a 
further indication for access provision to the further data from the further data providing 
entity. 

20. (Previously Presented) The data requesting entity according to claim 19, 
wherein at least one of the first encrypted access granting ticket and the further 
encrypted access granting ticket is accompanied by public information and the 
processing unit is adapted to analyze the public information before the generation of at 
least one of the first request and the further request. 

21. (Previously Presented) The data request according to claim 19, wherein the 
first indication-comprises the first data related to the-principal-and the further indication 
comprises the further data related to the principal. 

22. (Previously Presented) A data providing entity for provision of access to data 
related to a principal, the data providing entity comprising a receiving unit for receiving 
messages and information, a transmission unit for sending of messages and 
infomnatlon. and a processing unit for processing of messages and infonnation, wherein 
the receiving unit receives a request from a data requesting entity, the request 
comprising an access granting ticket encrypted with an encryption key of the data 
providing entity, the access granting ticket comprising an access specification specifying 
a permission for an access to data related to the principal, said data being available at 
the data providing entity, and a principal identifier representing the principal towards the 
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data providing entity; the processing unit decrypts the encrypted access granting ticket 
with a decryption key of the data providing entity con^esponding to the encryption key 
and provides to the data requesting entity access to data related to the principal 
identifier according to the access specification. 

23. (Previously Presented) The data providing entity according to claim 22, 
wherein the encrypted access granting ticket comprises or is accompanied by 
verification information and the processing unit provides access based on an analysis of 
the verification information. 

24. (Previously Presented) The data providing entity according to claim 22, 
wherein the request comprises a specification for requested data related to the principal 
and the processing unit provides access according to a matching of the access 
specification and the requested data. 

25. (Previously Presented) The data providing entity according to claim 22, 
wherein the access granting ticket further comprises security information and the 
processing unit provides access based on an analysis of the security information. 

26. (Previously Presented) The data providing entity according to claim 22, 
wherein the encrypted access granting ticket is accompanied by public information and 
the processing unit initiates the decryption based on an analysis of the public 
information. 

27. (Previously Presented) The data providing entity according to claim 22, 
wherein the transmission unit sends the data, to which access is provided to. to the data 
requesting entity. 

28. (Previously Presented) A computer readable medium having stored thereon a 
plurality of instructions, the plurality of instructions including instructions which, when 
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executed by a processor, cause the processor to perform the steps of a method, 
comprising: 

create an access granting ticket comprising an access specification specifying a 
permission for an access to data related to the principal, said data being available at a 
data providing entity, and a principal identifier representing a principal towards the data 
providing entity, to encrypt the access granting ticket with an encryption key of the data 
providing entity, to obtain an identifier of a data providing entity, and to initiate a sending 
of the encrypted access granting ticket accompanied by the identifier of the data 
providing entity to the data requesting entity. 

29. (Previously Presented) A computer readable medium having stored thereon a 
plurality of instructions, the plurality of instructions including instructions which, when 
executed by a processor, cause the processor to perform the steps of a method, 
comprising: 

process a first encrypted access granting ticket for provision of access to first 
data related to a principal, said first data being available at a first data providing entity, 
the first encrypted access granting ticket being accompanied by an identifier of the first 
data providing entity and to process a further encrypted access granting ticket for 
provision of access to further data related to the principal, said further data being 
available at a further data providing entity, the further encrypted access granting ticket 
being accompanied by a further identifier of the further data providing entity, to generate 
a first request comprising the first encrypted access granting ticket and a further request 
comprising the further encrypted access granting ticket and to initiate a sending of the 
first request to the first data providing entity and of the further request to the further data 
providing entity, and to process a first indication for access provision to the first data 
from the first data providing entity and a further indication for access provision to the 
further data from the further data providing entity. 

30. (Previously Presented) A computer readable medium having stored thereon a 
plurality of instructions, the plurality of instmctions including instructions which, when 
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executed by a processor, cause the processor to perform the steps of a method, 
comprising: 

process a request from a data requesting entity, the request comprising an 
access granting ticket encrypted with an encryption key of the data providing entity, the 
access granting ticket comprising an access specification specifying a permission for an 
access to data related to a principal, said data being available at the data providing 
entity, and a principal identifier representing the principal towards the data providing 
entity, to decrypt the encrypted access granting ticket with a decryption key of the data 
providing entity corresponding to the encryption key and to provide to the data 
requesting entity access to data related to the principal identifier according to the 
access specification. 

31. (Canceled) 
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